Lucene search
K

54 matches found

OSV
OSV
added 2024/08/30 7:56 a.m.13 views

CVE-2024-44944 netfilter: ctnetlink: use helper function to calculate expect ID

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID Delete expectation path is missing a call to the nfexpectgetid helper function to calculate the expectation ID, otherwise LSB of the expectation object address is...

5.5CVSS6.1AI score0.00239EPSS
Exploits0References14
OSV
OSV
added 2024/04/30 6:15 p.m.2 views

CVE-2024-33831

A stored cross-site scripting XSS vulnerability in the Advanced Expectation - Response module of yapi v1.10.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the body field...

7.4CVSS5.9AI score0.00493EPSS
Exploits0References1
NVD
NVD
added 2024/04/30 6:15 p.m.19 views

CVE-2024-33831

A stored cross-site scripting XSS vulnerability in the Advanced Expectation - Response module of yapi v1.10.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the body field...

7.4CVSS5.4AI score0.00493EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/30 12:0 a.m.5 views

PT-2024-25502 · Yapi · Yapi

Name of the Vulnerable Software and Affected Versions: yapi version 1.10.2 Description: A stored cross-site scripting XSS vulnerability in the Advanced Expectation - Response module allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the body field...

7.4CVSS5.3AI score0.00493EPSS
Exploits0References5
CVE
CVE
added 2024/04/30 12:0 a.m.52 views

CVE-2024-33831

CVE-2024-33831 describes a stored cross-site scripting (XSS) vulnerability in the Advanced Expectation - Response module of yapi v1.10.2 . The issue allows an attacker to inject a crafted payload into the body field , enabling execution of arbitrary web scripts or HTML in the victim’s browser. Co...

7.4CVSS5.5AI score0.00493EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/30 12:0 a.m.28 views

CVE-2024-33831

A stored cross-site scripting XSS vulnerability in the Advanced Expectation - Response module of yapi v1.10.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the body field...

5.5AI score0.00493EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/15 8:14 p.m.13 views

CVE-2021-47129 netfilter: nft_ct: skip expectations for confirmed conntrack

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: skip expectations for confirmed conntrack nftctexpectobjeval calls nfctextadd for a confirmed conntrack entry. However, nfctextadd can only be called for !nfctisconfirmed. 1825.349056 WARNING: CPU: 0 PID: 1279 a...

6.8AI score0.00546EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/03/15 8:14 p.m.25 views

CVE-2021-47129 netfilter: nft_ct: skip expectations for confirmed conntrack

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: skip expectations for confirmed conntrack nftctexpectobjeval calls nfctextadd for a confirmed conntrack entry. However, nfctextadd can only be called for !nfctisconfirmed. 1825.349056 WARNING: CPU: 0 PID: 1279 a...

6.7AI score0.00546EPSS
Exploits0References4
OSV
OSV
added 2023/05/18 4:34 p.m.13 views

CVE-2023-32322 Arbitrary file read in Ombi

Ombi is an open source application which allows users to request specific media from popular self-hosted streaming servers. Versions prior to 4.38.2 contain an arbitrary file read vulnerability where an Ombi administrative user may access files available to the Ombi server process on the host...

4.9CVSS4.8AI score0.02142EPSS
Exploits1References7
Openbugbounty
Openbugbounty
added 2022/02/27 5:16 a.m.10 views

greatexpectation.com.au Cross Site Scripting vulnerability OBB-2384909

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Akamai Blog
Akamai Blog
added 2017/03/21 12:23 p.m.22 views

Media Acceleration Enhances Online Experiences for OTT Video, Games and Software Downloads

Online audiences are growing and so are their expectations for the quality of experience. You know exactly what I mean if you've ever been frustrated with the rate at which a game is downloading or if your video stalls at the most inopportune time. Online streaming is no longer novel, it's the...

6.6AI score
Exploits0
ThreatPost
ThreatPost
added 2015/10/01 11:0 a.m.12 views

HTTPS Available as Opt-In for Blogspot

Google said on Wednesday it has made HTTPS available as an opt-in for its Blogspot publishing service. Google and other technology providers have been ramping up encryption rollouts in the two years since the publication of the Snowden documents began. To date, Google has encrypted Gmail, search,...

6.8AI score
Exploits0References7
ThreatPost
ThreatPost
added 2015/01/07 3:54 p.m.7 views

FTC Urges IoT Privacy, Security at Consumer Electronics Show

In her keynote address yesterday at the Consumer Electronics Show in Las Vegas, Federal Trade Commission Chairwoman Edith Ramirez imagined the dystopic convergence of big data conglomerates and a ceaseless information gathering machine fueled by the constant connectivity ushered in by the so-call...

7AI score
Exploits0References1
ThreatPost
ThreatPost
added 2013/06/11 9:40 a.m.10 views

Suit Filed Against NSA, Obama Over Surveillance Program

A group of people, including a former federal prosecutor and the parents of a Navy SEAL sniper killed in action, have filed a class-action law suit against the National Security Agency, Verizon and President Obama over the NSA’s collection of cell phone data. The suit says the order that enabled...

6.7AI score
Exploits0References2
Rows per page
Query Builder